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ABSTRACT 



A Web/Internet based monitoring system provides a com- 
mon GUI enabling the requesting and real-time viewing of 
telecommunication network traffic and statistical data per- 
taining to a customer's telecommunication network. Such a 
monitoring system includes: a client browser application 
located at a client workstation for enabling interactive Web 
based communications between a customer and the moni- 
toring system; at least one secure server for managing client 
sessions over the Internet via one or more secure connec- 
tions; a device for generating statistical data based on 
real-time call data obtained from a telecommunications 
network, the statistical data being generated according to a 
pre-defined user profile; a mechanism for periodically 
retrieving the statistical data according to the user profile 
and for integrating the retrieved statistical data within a Web 
page for presentation to the user over a secure socket 
connection at pre-defined intervals. The Web page is updated 
to contain the latest generated statistical data each interval, 
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INTEGRATED PROXY INTERFACE FOR The Web page is continuously updated to include the latest 

WEB BASED TELECOMMUNICATIONS generated statistical data each interval. 

MANAGEMENT TOOLS The user profile comprises a specification of the telecom- 
munications network phone numbers for which statistical 

CROSS-REFERENCE TO RELATED S data is to be generated, a polling interval specification, and 

APPLICATIONS me types of statistics to be generated per phone number. This 

The following patent application is based on and claims P rofilc * generated at the customer workstation via the 

the benefit of U.S. Provisional Patent Application Ser. No. ^grated interface and communicated over the secure 

60/060,655, filed Sep. 26, 1997. socket connection to the retrieving mechanism. 



FIELD OF THE INVENTION 



BRIEF DESCRIPTION OF THE DRAWINGS 



, . A . , 4 „ A . - . Further features and advantages of the invention will 

Hie present invenUon relates generally to formation becQme more readu t £ of the 

delivery systems and, particularly, to a novel, WWW/ following detaUed description set forth with reference to the 

Internet-based, real-time telecommumcations network traf- is accom ^ drawings, which specify and show preferred 

fie monitoring service for customers of a telecommunica- embodiments of lhe ; nvention; wherein Uke e i emems are 

tions service provider. designated by identical references throughout the drawings; 



BACKGROUND OF THE INVENTION 



and in which: 



2,, FIG. 1 illustrates the software architecture component 

Currently, large telecommunications inter-exchange car- comprising a three-tiered structure 

rier enterprises such as AT&T, Sprint, MCI, etc provide na 2 fc a di matic overview of me wflware archi . 

management and performance information relating to tecture of the networkMCI lnteract t 

telecommunications, e.g., toll-free, networks. Such network - . . 

management information generally includes details of net- FIG - 3 15 ^ lUustraUve example of a backplane architec- 

work use and performance such as, for instance, real time 25 ture scnematlc > 

status and alarm information, near real time performance 4 illustrates an example client GUI presented to the 

data, traffic and usage statistics, etc. While this data may be client/customer as a browser web page; 

available "on-line," they are typically communicated over FIG. 5 is a diagram depicting the physical networkMCI 

dedicated network lines to a customer's location employing Interact system architecture; 

a dedicated computing platform, e.g., Unix operating piG. 6 illustrates the unpriced reporting component 500 

system, and, in some cases, employing dumb terminals f or n MCI Interact Web-based reporting system; 

having a user interface Often these systems require deploy- FIG. 7 is an general flow diagram of the process by which 

ment of proprietary software, and, in some instances, the ^ ^ 55Q u data 

inter-exchange carrier enterprise requires customer's to pur- „ „ T - a . , 4 . a j. „ . A . .... 

chase network monitoring hardware, which can be a very 35 Jl 0 ' 8 18 a deUlled f flow d fP m de P lctln Si h * lnte "J al 

expensive proposition. Moreover, current network monitor- ^ "f™ P roC6SS6S receivmg customer TVS enable- 

ing systems are limited in the types of services available for menl data from order ^ and C0RE s y slem * 

customers ^IG. ' ^ a high-level diagram depicting TCR data flow 

T# ij u l- Li j ■ ui * -j Yi> u u j between processes internal to the TVS server: 

It would be highly desirable to provide a Web-based 4n r ' 

client-server application implementing a real-time monitor- FIGS * l<K«H0(c) illustrate flow charts describing the 

ing function with the capability of communicating real-time real-time monitoring process of the invention. 

network performance and statistical information relating to FIG. U illustrates the particular methodology employed 

usage of their telecommunications network over the Internet for periodically updating a Web page with updated statistical 

to a client workstation having a Web browser. 45 data. 

FIGS. 12(a)-12(j) illustrate example screen displays illus- 

SUMMARY OF THE INVENTION (rating the real-time monitoring (RTM) system functionality 

The present invention is directed to a novel Intranet/ of the mventl0n - 

Inter net/Web -based monitoring system that enables a cus- DETAILED DESCRIPTION OF THE 

tomer of a telecommunications service provider to request 50 INVENTION 
and view, in real-time, telecommunication network traffic 

and statistical data pertaining to that customer's inbound, Th e present invention is one component of an integrated 
toll free, and outbound telecommunications network traffic. suite of customer network management and report applica- 
Such a Intranet/Internet/Web-based monitoring system is a uons using a Web browser paradigm. Known as the net- 
client-server application including: a client browser appli- 55 workMCI Interact system ("nMCI Interact") such an inte- 
cation located at a client workstation for enabling interactive grated suite of Web-based applications provides an 
Web based communications between a customer and the invaluable tool for enabling customers to manage their 
monitoring system; at least one secure server for managing telecommunication assets, quickly and securely, from any- 
client sessions over the Internet via one or more secure where in the world. 

connections; a device for generating statistical data based on 60 As described in co-pending U.S. patent application Ser. 
real-time call data obtained from a telecommunications No. 09/159,695, filed Sep. 24, 1998 entitled INTEGRATED 
network, the statistical data being generated according to a CUSTOMER INTERFACE FOR WEB BASED COMMU- 
pre-defined user profile; and, a mechanism for periodically NICAHON NETWORK MANAGEMENT, the nMCI Inter- 
retrieving the statistical data according to the user profile act system architecture is basically organized as a set of 
and for integrating the retrieved statistical data within a Web 65 common components comprising the following, 
based communication, e.g., Web-page, for presentation to 1) an object-oriented software architecture detailing the 
the user over a secure connection at pre-defined intervals. client and server based aspect of nMCI Interact; 
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2) a network architecture defining the physical network MCI Intranet Dispatcher Server 26; and the MCI Intranet 
needed to satisfy the security and data volume require- Application servers 30, and the data warehouses, legacy 
ments of the networkMCI System; systems, etc. 40. 

3) a data architecture detailing the application, back-end The Customer Browser 20, is browser enabled and 
or legacy data sources available for networkMCI Inter- 5 includes client applications responsible for presentation and 
act; and front-end services. Its functions include providing a user 

4) an infrastructure covering security, order entry, interface to various MCI services and supporting commu- 
fulfillment, billing, self -monitoring, metrics and sup- nications with MCFs Intranet web server cluster 24. As 
port. illustrated in FIG. 3, and more specifically described in the 

Each of these common component areas will be generally 10 above-mentioned, co-pending U.S. patent application Ser. 

discussed hereinbelow. A detailed descriptions of each of No. 09/159,515, filed Sep. 24, 1998, entitled GRAPHICAL 

these components can be found in a related, co-pending U.S. USER INTERFACE FOR WEB ENABLED 

patent application U.S. Ser. No. 09/159,695 entitled INTE- APPLICATIONS, the client tier software is responsible for 

GRATED CUSTOMER INTERFACE SYSTEM FOR presentation services to the customer and generally includes 

COMMUNICATIONS NETWORK MANAGEMENT, the 15 a web browser 14 and additional object-oriented programs 

disclosure of which is incorporated herein by reference residing in the client workstation platform 20. The client 

thereto, software is generally organized into a component architec- 

FIG. 1 is a diagrammatic illustration of the software ture with each component generally comprising a specific 
architecture component in which the present invention func- application, providing an area of functionality. The applica- 
tions. A first or client tier 10 of software services are resident 20 tions generally are integrated using a "backplane" services 
on a customer work station 10 and provides customer access layer 12 which provides a set of services to the application 
to the enterprise system, having one or more downloadable objects which provide the front end business logic and 
application objects directed to front end business logic, one manages their launch The networkMCI Interact common set 
or more backplane service objects for managing sessions, of objects provide a set of services to each of the applica- 
one or more presentation services objects for the presenta- is tions such as: 1) session management; 2) application launch; 
tion of customer options and customer requested data in a 3) inter-application communications; 4) window navigation 
browser recognizable format and a customer supplied among applications; 5) log management; and 6) version 
browser for presentation of customer options and data to the management. 

customer and for internet communications over the public The primary common object services include: graphical 

Internet. Additionally applications are directed to front end 30 user interface (GUI); communications; printing; user 

services such as the presentation of data in the form of tables identity, authentication, and entitlements; data import and 

and charts, and data processing functions such as sorting and export; logging and statistics; error handling; and messaging 

summarizing in a manner such that multiple programs are services. 

combined in a unified application suite. FIG. 3 is a diagrammatic example of a backplane archi- 
A second or middle tier 12, is provided having secure web 35 tecture scheme illustrating the relationship among the corn- 
servers and back end services to provide applications that mon objects. In this example, the backplane services layer 
establish user sessions, govern user authentication and their 12 is programmed as a Java applet which can be loaded and 
entitlements, and communicate with adaptor programs to launched by the web browser 14. With reference to FIG. 3, 
simplify the interchange of data across the network. a typical user session starts with a web browser 14 creating 
A third or back end tier 15 having applications directed to 40 a backplane 12, after a successful logon. The backplane 12, 
legacy back end services including database storage and inter alia, presents a user with an interface for networkMCI 
retrieval systems and one or more database servers for Interact application management. A typical user display 
accessing system resources from one or more legacy hosts. provided by the backplane 12 may show a number of 
Generally, as explained in co -pending U.S. patent appli- applications the user is entitled to run, each application 
cation Ser. No. 09/159,515, filed Sep. 24, 1998, entitled 45 represented by buttons depicted in FIG. 3 as buttons S%a } b } c 
GRAPHICAL USER INTERFACE FOR WEB ENABLED selectable by the user. As illustrated in FIG. 3, upon selec- 
APPLICATIONS, the disclosure of which is incorporated tion of an application, the backplane 12 launches that 
herein by reference thereto, the customer workstation specific application, for example, Service Inquiry 54a or 
includes client software capable of providing a platform- Alarm Monitor 54fc, by creating the application object. In 
independent, browser-based, consistent user interface imple- 50 processing its functions, each application in turn, may utilize 
menting objects programmed to provide a reusable and common object services provided by the backplane 12. FIG. 
common GUI abstraction and problem-domain abstractions. 3 shows graphical user interface objects S6a,b created and 
More specifically, the client-tier software is created and used by a respective application 54a,b for its own presen- 
distributed as a set of Java classes including the applet tation purposes, 

classes to provide an industrial strength, object-oriented 55 FIG. 4 illustrates an example client GUI presented to the 

environment over the Internet. Application-specific classes client/customer as a browser web page 80 providing, for 

are designed to support the functionality and server inter- example, a suite 70 of network management reporting 

faces for each application with the functionality delivered applications including: MCI Traffic Monitor 72; an alarm 

through the system being of two -types: 1) cross-product, for monitor 73; a Network Manager 74 and Intelligent Routing 

example, inbox and reporting functions, and 2) product 60 75. Access to network functionality is also provided through 

specific, for example, toll free network management or Call Report Requester 76, which provides a variety of detailed 

Manager functions. The system is capable of delivering to reports for the client/customer and a Message Center 77 for 

customers the functionality appropriate to their product mix. providing enhancements and functionality to traditional 

FIG. 2 is a diagrammatic overview of the software archi- e-mail communications, 

tecture of the networkMCI Interact system including: the 65 As shown in FIGS. 3 and 4, the browser resident GUI of 

Customer Browser (a.k.a. the Client) 20; the Demilitarized the present invention implements a single object, COBack- 

Zone (DMZ) 17 comprising a Web Servers cluster 24; the Plane which keeps track of all the client applications, and 
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which has capabilities to start, stop, and provide references completely independent of all previous or future connections 

to any one of the client applications. between the same server and client. The nMCI Interact 

The backplane 12 and the client applications use a system is implemented with a secure version of HTTP such 

browser 14 such as the Microsoft Explorer versions 4.01 or as S-HTIP or HTTPS, and preferably utilizes the SSL 

higher for an access and distribution mechanism. Although 5 implementation of HTTPS. The preferred embodiment uses 

the backplane is initiated with a browser 14, the client SSL which provides a cipher spec message which provides 

applications are generally isolated from the browser in that server authentication during a session. The preferred 

they typically present their user interfaces in a separate embodiment further associates a given HTTPS request with 

frame, rather than sitting inside a Web page. a logical session which is initiated and tracked by a "cookie 

The backplane architecture is implemented with several 10 jar server" 28 to generate a "cookie" which is a unique 

primary classes. These classes include COBackPlane, server-generated key that is sent to the client along with each 

COApp, COAppImpl, COParm. and COAppFrame classes. reply to a HTTPS request. The client holds the cookie and 

COBackPlane 12 is an application backplane which returns it to the server as part of each subsequent HTTPS 

launches the applications 54a, 54b, typically implemented as request. As desired, either the Web servers 24, the cookie jar 

COApp. COBackPlane 12 is generally implemented as a 15 server 28 or the Dispatch Server 26, may maintain the 

Java applet and is launched by the Web browser 14. This "cookie jar" to map these keys to the associated session. A 

backplane applet is responsible for launching and closing the separate cookie jar server 28, as illustrated in FIG. 2 has 

COApps. been found desirable to minimize the load on the dispatch 

When the backplane is implemented as an applet, it server 26. This form of session management also functions 

overrides standard Applet methods init(),start(),stop() and 20 as an authentication of each HTTPS request, adding an 

run( ). In the init( ) method, the backplane applet obtains a additional level of security to the overall process. 

COUser user context object. The COUser object holds As illustrated in FIG. 2, after one of the DMZ Web servers 

information such as user profile, applications and their 24 decrypts and verifies the user session, it forwards the 

entitlements. The user's configuration and application message through a firewall 25b over a TCP/IP connection 23 

entitlements provided in the COUser context are used to 25 to the dispatch server 26 on a new TCP socket while the 

construct the application toolbar and Inbox applications. original socket 22 from the browser is blocking, waiting for 

When an application toolbar icon is clicked, a particular a response. The dispatch server 26 will unwrap an outer 

COApp is launched by launchApp( ) method. The launched protocol layer of the message from the DMZ services cluster 

application then may use the backplane for inter-application 24, and will reencrypt the message with symmetric encryp- 

communications, including retrieving Inbox data. 30 tion and forward the message to an appropriate application 

The CoBackPlane 12 includes methods for providing a proxy via a third TCP/IP socket 27. While waiting for the 

reference to a particular COApp, for inte roper ation. For proxy response all three of the sockets 22, 23, 27 will be 

example, the COBackPlane class provides a getApp( ) blocking on a receive. Specifically, once the message is 

method which returns references to application objects by decrypted, the wrappers are examined to reveal the user and 

name. Once retrieved in this manner, the application object's 35 the target middle-tier (Intranet application) service for the 

public interface may be used directly. request. A first-level validation is performed, making sure 

The use of a set of common objects for implementing the that the user is entitled to communicate with the desired 

various functions provided by the system of the present service. The user's entitlements in this regard are fetched by 

invention, and particularly the use of browser based objects the dispatch server 26 from StarOE server 49 at logon time 

to launch applications and pass data therebetween is more 40 and cached. 

fully described in the above-referenced, copending applica- If the requester is authorized to communicate with the 

tion GRAPHICAL USER INTERFACE FOR WEB target service, the message is forwarded to the desired 

ENABLED APPLICATIONS. service's proxy. Each application proxy is an application 

As shown in FIG. 2, the aforesaid objects will commu- specific daemon which resides on a specific Intranet server, 

nicate the data by establishing a secure TCP messaging 45 shown in FIG. 2 as a suite of mid-range servers 30. Each 

session with one of the DMZ networkMCI Interact Web Intranet application server of suite 30 is generally respon- 

servers 24 via an Internet secure communications path 22 sible for providing a specific back-end service requested by 

established, preferably, with a secure sockets SSL version of the client, and, is additionally capable of requesting services 

HTTPS. The DMZ networkMCI Interact Web servers 24 from other Intranet application servers by communicating to 

function to decrypt the client message, preferably via the 50 the specific proxy associated with that other application 

SSL implementation, and unwrap the session key and verify server. Thus, an application server not only can offer its 

the users session. After establishing that the request has browser a client to server interface through the proxy, but 

come from a valid user and mapping the request to its also may offer all its services from its proxy to other 

associated session, the DMZ Web servers 24 will re-encrypt application servers. In effect, the application servers request - 

the request using symmetric encryption and forward it over 55 ing service are acting as clients to the application servers 

a second connection 23 to the dispatch server 26 inside the providing the service. Such mechanism increases the secu- 

enterprise Intranet. rity of the overall system as well as reducing the number of 

As described in greater detail in co-pending U.S. patent interfaces, 

application Ser. No. 09/159,514, filed Sep. 24, 1998, entitled The network architecture of FIG. 2 may also include a 

SECURE CUSTOMER INTERFACE FOR WEB-BASED 60 variety of application specific proxies having associated 

DATA MANAGEMENT, the contents and disclosure of Intranet application servers including: a StarOE proxy for 

which is incorporated by reference as if fully set forth the StarOE application server 39 for handling authentication 

herein, a networkMCI Interact session is designated by a order entry/billing; an Inbox proxy for the Inbox application 

logon, successful authentication, followed by use of server server 31, which functions as a container for completed 

resources, and logoff. However, the world-wide web com- 65 reports, call detail data and marketing news messages, a 

munications protocol uses HTTP, a stateless protocol, each Report Manager Proxy capable of communicating with a 

HTTP request and reply is a separate TCP/IP connection, system-specific Report Manager server 32 for generating, 
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managing and scheduling the transmission of customized 
reports including, for example: call usage analysis informa- 
tion provided from the StarODS server 33; network traffic 
analysis/monitor information provided from the Traffic view 
server 34; virtual data network alarms and performance 
reports provided by Broadband server 35; trouble tickets for 
switching, transmission and traffic faults provided by Ser- 
vice Inquiry server 36; and toll free routing information 
provided by Toll Free Network Manager server 37. 

As partially shown in FIG. 2, it is understood that each 
Intranet server of suite 30 communicates with one or several 
consolidated network databases which include each custom- 
er's network management information and data. In the 
present invention the Services Inquiry server 36 includes 
communication with MCFs Customer Service Management 
legacy platform 40(a). Such network management and cus- 
tomer network data is additionally accessible by authorized 
MCI management personnel. As shown in FIG. 2, other 
legacy platforms 40(b), 40(c) and 40(d) may also commu- 
nicate individually with the Intranet servers for servicing 
specific transactions initiated at the client browser. The 
illustrated legacy platforms 40(a)-(a*) are illustrative only 
and it is understood other legacy platforms may be inter- 
preted into the network architecture illustrated in FIG. 2 
through an intermediate midrange server 30. 

Each of the individual proxies may be maintained on the 
dispatch server 26, the related application server, or a 
separate proxy server situated between the dispatch server 
26 and the midrange server 30. The relevant proxy waits for 
requests from an application client running on the custom- 
er's workstation 10 and then services the request, either by 
handling them internally or forwarding them to its associ- 
ated Intranet application server 30. The proxies additionally 
receive appropriate responses back from an Intranet appli- 
cation server 30. Any data returned from the Intranet appli- 
cation server 30 is translated back to client format, and 
returned over the internet to the client workstation 10 via the 
Dispatch Server 26 and at one of the web servers in the DMZ 
Services cluster 24 and a secure sockets connection. When 
the resultant response header and trailing application spe- 
cific data are sent back to the client browser from the proxy, 
the messages will cascade all the way back to the browser 14 
in real time, limited only by the transmission latency speed 
of the network. 

The networkMCI Interact middle tier software includes a 
communications component offering three (3) types of data 
transport mechanisms: 1) Synchronous; 2) Asynchronous; 
and 3) Bulk transfer. Synchronous transaction is used for 
situations in which data will be returned by the application 
server 40 quickly. Thus, a single TCP connection will be 
made and kept open until the full response has been 
retrieved. 

Asynchronous transaction is supported generally for situ- 
ations in which there may be a long delay in application 
server 40 response. Specifically, a proxy will accept a 
request from a customer or client 10 via an SSL connection 
and then respond to the client 10 with a unique identifier and 
close the socket connection. The client 10 may then poll 
repeatedly on a periodic basis until the response is ready. 
Each poll will occur on a new socket connection to the 
proxy, and the proxy will either respond with the resultant 
data or, respond that the request is still in progress. This will 
reduce the number of resource consuming TCP connections 
open at any time and permit a user to close their browser or 
disconnect a modem and return later to check for results. 

Bulk transfer is generally intended for large data transfers 
and are unlimited in size. Bulk transfer permits cancellation 
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during a transfer and allows the programmer to code 
resumption of a transfer at a later point in time. 

FIG. 5 is a diagram depicting the physical networkMCI 
Interact system architecture 10. As shown in FIG. 5, the 

5 system is divided into three major architectural divisions 
including: 1) the customer workstation 20 which include 
those mechanisms enabling customer connection to the 
Secure web servers 24; 2) a secure network area 17, known 
as the DeMilitarized Zone "DMZ" set aside on MCI pre- 

10 mises double flrewalled between the both the public Internet 
25 and the MCI Intranet to prevent potentially hostile 
customer attacks; and, 3) the MCI Intranet Midrange Servers 
30 and Legacy Mainframe Systems 40 which comprise the 
back end business logic applications. 

15 As illustrated in FIG. 5, the present invention includes a 
double or complex firewall system that creates a "demilita- 
rized zone" (DMZ) between two firewalls 25a, 2Sb. In the 
preferred embodiment, one of the firewalls 29 includes port 
specific filtering routers, which may only connect with a 

20 designated port address. For example, router 49 (firewall 
25(a)) may connect only to the addresses set for the 
HydraWeb® (or web servers 24) within the DMZ, and router 
55 (firewall 25(6)) may only connect to the port addresses 
set for the dispatch server 26 within the network. In addition, 

25 the dispatch server 26 connects with an authentication 
server, and through a proxy firewall to the application 
servers. This ensures that even if a remote user ID and 
password are hijacked, the only access granted is to one of 
the web servers 24 or to intermediate data and privileges 

30 authorized for that user. Further, the hijacker may not 
directly connect to any enterprise server in the enterprise 
intranet beyond the DMZ, thus ensuring internal company 
system security and integrity. Even with a stolen password, 
the hijacker may not connect to other ports, root directories 

35 or application servers within the enterprise system, and the 
only servers that may be sabotaged or controlled by a hacker 
are the web servers 24. 

The DMZ 17 acts as a double firewall for the enterprise 
intranet because of the double layer of port specific filtering 

40 rules. Further, the web servers 24 located in the DMZ never 
store or compute actual customer sensitive data. The web 
servers only transmit the data in a form suitable for display 
by the customer's web browser. Since the DMZ web servers 
do not store customer data, there is a much smaller chance 

45 of any customer information being jeopardized in case of a 
security breach. In the preferred embodiment, firewalls or 
routers 47,49 are a combination of circuit gateways and 
filtering gateways or routers using packet filtering rules to 
grant or deny access from a source address to a destination 

50 address. All connections from the internal application serv- 
ers are proxied and filtered through the dispatcher before 
reaching the web servers 24. Thus it appears to any remote 
site, that the connection is really with the DMZ site, and 
identity of the internal server is doubly obscured. This also 

55 prevents and direct connection between any external and any 
internal network or intranet computer. 

The filtering firewalls 25(a), (b) may also pass or block 
specific types of Internet protocols. For example, FTP can be 
enabled only for connections to the In-Box server 31, and 

60 denied for all other destinations. SMTP can also be enabled 
to the In-Box server, but Telnet denied. The In-box server 31 
is a store and forward server for client designated reports, 
but even in this server, the data and metadata are separated 
to further secure the data, as will be described. 

65 As previously described, the customer access mechanism 
is a client workstation 20 employing a Web browser 14 for 
providing the access to the networkMCI Interact system via 



11/07/2003, EAST Version: 1.4.1 



US 6,470386 Bl 

9 10 

the public Internet 15. When a subscriber connects to the Secure Web servers 24 will re-encrypt the request using 

networkMCI Interact Web site by entering the appropriate symmetric RSA encryption and forward it over a second 

URL, a secure TCP/IP communications link 22 is estab- socket connection 23 to the dispatch server 26 inside the 

lished to one of several Web servers 24 located inside a first enterprise Intranet. 

firewall 25a in the DMZ 17. Preferably at least two web 5 As described herein, and in greater detail in co-pending 

servers are provided for redundancy and failover capability. UtS . Patent Application Ser. No. 09/159,695, the data archi- 

In the preferred embodiment of the invention, the system tecture component of networkMCI Interact reporting system 

employs SSL encryption so that communications in both ^ focused QQ thc presen tation of real time (un-priced) call 

Se" stT a^secure n networkMCI deUil data> &uch ^ provided by MQ , S TrafficView 

D InThe pr'efeeTemSLent, all DMZ Secure Web serv- 10 ^J^P^ nn^f ^ ^ ™ 

ers 24 are preferably DEC 4100 systems having Unix or h / M ^ S Star0DS Server 33 in a vanet y of user ******* 

NT-based operating systems for running services such as formats. 

HTTPS, FTP, and Telnet over TCP/IP. The web servers may MX reporting is provided through a Report Requestor GUI 

be interconnected by a fast Ethernet LAN running at 100 application interface which support spreadsheet, a variety of 

Mbit/sec or greater, preferably with the deployment of 15 S ra P h and cnart l yP e > or botn simultaneously. For example, 

switches within the Ethernet LANs for improved bandwidth the spreadsheet presentation allows for sorting by any arbi- 

utilization. One such switching unit included as part of the trary set of columns. The report viewer may also be launched 

network architecture is a HydraWEB® unit 45, manufac- from the inbox when a report is selected, 

tured by HydraWEB Technologies, Inc., which provides the Report management related data is also generated which 

DMZ with a virtual IP address so that subscriber HTTPS 20 includes 1) report profiles defining the types of reports that 

requests received over the Internet will always be received. are available, fields for the reports, default sort options and 

The Hydra web unit 45 implements a load balancing algo- customizations allowed; and 2) report requests defining 

rithm enabling intelligent packet routing and providing customer specific report requests including report type, 

optimal reliability and performance by guaranteeing acces- report name, scheduling criteria, and subtotal fields. Tnis 

sibility to the "most available" server. It particularly moni- 25 type of data will be resident in an Inbox server database and 

tors all aspects of web server health from CPU usage, to managed by the Inbox server. 

memory utilization, to available swap space so that Internet/ The Infrastructure component of the nMCI Reporting 

Intranet networks can increase their hit rate and reduce Web system includes means for providing secure communica- 

server management costs. In this manner, resource utiliza- tions regardless of the data content being communicated. As 

tion is maximized and bandwidth (throughput) is improved. 30 described in detail in above-referenced, co-pending U.S. 

It should be understood that a redundant Hydra web® unit patent application Ser. No. 09/159,514, filed Sep. 24, 1998, 

may be implemented in a Hot/Standby configuration with the nMCI Interact system security infrastructure includes: 1) 

heartbeat messaging between the two units (not shown). authentication, including the use of passwords and digital 

Moreover, the networkMCI Interact system architecture certificates; 2) public key encryption, such as employed by 

affords web server scaling, both in vertical and horizontal 35 a secure sockets layer (SSL) encryption protocol; 3) 

directions. Additionally, the architecture is such that new firewalls, such as described above with reference to the 

secure web servers 24 may be easily added as customer network architecture component; and 4) non-repudiation 

requirements and usage increases. techniques to guarantee that a message originating from a 

As shown in FIG. 5, the most available Web server 24 source is the actual identified sender. One technique 

receives subscriber HTTPS requests, for example, from the 40 employed to combat repudiation includes use of an audit 

HydraWEB™ 45 over a connection 44a and generates the trail with electronically signed one-way message digests 

appropriate encrypted messages for routing the request to included with each transaction. 

the appropriate MCI Intranet midrange web server over Another component of the nMCI Interact infrastructure 
connection 44b, router 55 and connection 23. Via the includes order entry, which is supported by the Order Entry 
Hydraweb™ unit 45, a TCP/IP connection 38 links the 45 ("StarOE") server. The general categories of features to be 
Secure Web server 24 with the MCI Intranet Dispatcher ordered include: 1) Priced Reporting; 2) Real-time report- 
server 26. ing; 3) Priced Call Detail; 4) Real Time Call Detail; 5) 
Further as shown in the DMZ 17 is a second RTM server Broadband SNMP Alarming; 6) Broadband Reports; 7) 
52 having its own connection to the public Internet via a Inbound RTM; 8) Outbound RTM; 9) Toll Free Network 
TCP/IP connection 48. As described herein, this RTM server 50 Manager; and 10) Call Manager. The order entry function- 
provides real-time session management for subscribers of ality is extended to additionally support 11) Event Monitor; 
the networkMCI Interact Real Time Monitoring system. An 12) Service Inquiry; 13) Outbound Network Manager; 14) 
additional TCP/IP connection 48 links the RTM Web server Portfolio; and, 15) Client View. 

52 with the MCI Intranet Dispatcher server 26. As further The Self-monitoring infrastructure component for nMCI 

shown in FIG. 5, a third router 65 is provided for routing 55 Interact is the employment of mid-range servers that support 

encrypted subscriber messages from the RTM Web server 52 SNMP alerts at the hardware level. In addition, all software 

to the Dispatcher server 26 inside the second firewall. processes must generate alerts based on process health, 

Although not shown, each of the routers 55, 65 may addi- connectivity, and availability of resources (e.g., disk usage, 

tionally route signals through a series of other routers before CPU utilization, database availability), 

eventually being routed to the nMCI Interact Dispatcher 60 The Metrics infrastructure component for nMCI Interact 

server 26. In operation, each of the Secure servers 24 is the employment of means to monitor throughput and 

function to decrypt the client message, preferably via the volumes at the Web servers, dispatcher server, application 

SSL implementation, and unwrap the session key and verify proxies and mid-range servers. Metrics monitoring helps in 

the users session from the COUser object authenticated at the determination of hardware and network growth. 

Logon. 65 To provide the areas of functionality described above, the 

After establishing that the request has come from a valid client tier 10 is organized into a component architecture, 

user and mapping the request to its associated session, the with each component providing one of the areas of func- 
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tionality. As explained in further detail in co-pending U.S. 
patent application Ser. No. 09/1 59,515, the client-tier soft- 
ware is organized into a "component" architecture support- 
ing such applications as inbox fetch and inbox management, 
report viewer and report requester, TFNM, Event Monitor, 
Broadband, Real-Time Monitor, and system administration 
applications. Further functionality integrated into the soft- 
ware architecture includes applications such as Outbound 
Network Manager, Call Manager, Service Inquiry and Client 
View. 

The present invention focuses on the client and middle - 
tier service and application proxy components that enable 
customers to view in real time the operation of their 
network, i.e., the statistics relating to inbound call traffic for 
customer's special service call number(s), e.g., toll-free 
800/8xx and VNET calls, and may additionally support and 
may support outbound call traffic. Referred to herein as the 
Real Time Monitoring system ("RTM"), the invention 
enables a subscriber of a telecommunications network ser- 
vice to access, via a web-based browser interface, unpriced 



More particularly, the Traffic View Server 550 functions 
to store network call detail records (CDRs) and statistics, 
generate reports and deliver reports and/or call detail to the 
customer via the StarWRS Web Reporting System, and, 
5 supplies on-line customer access to call detail and hourly 
statistics that aid the customer in Network management, call 
center management and customer calling pattern analysis. 
For real time (unpriced) data, statistics are generated for the 
following totals: minutes, attempts, completes, incompletes, 
10 other, dto (direct termination overflow), short calls, didn't 
wait, didn't answer, tec, and equipment failures. 

The process by which the TVS server 550 gets data is now 
explained in greater detail with reference to FIGS. 6 and 7. 
As shown, call records are created by a network switch 501. 
15 An AP (Adjunct processor) or Storage and Verification 
Elements ("SAVE") platform 502 is co-located with each 
switch and receives all the call records from the switch as 
soon as possible after a call disconnects. The AP/SAVE 



sends all the call records to a(Network Information Con- 
number usage and statistical information in real-time so that 20 centrator (NIC) 503 where records are grouped together and 
the ongoing operation of the network, at least with respect those groupings numbered for a more efficient network 
to the subscriber's special service call numbers), can be utilization. If the NIC determines that it is missing a gap in 
monitored by the subscriber. The subscriber may then, in the the numbers, it will request the AP/SAVE resend that group 
manner as described in commonly-owned, co-pending U.S. of data to ensure that no data is lost. Should the NIC be 
patent application Ser. No. 09/159,702, filed Sep. 24, 1998, 25 unavailable to receive data, the AP/SAVE queues the data 



entitled INTEGRATED PROXY INTERFACE FOR WEB 
BASED TELECOMMUNICATION TOLL-FREE NET- 
WORK MANAGEMENT, the contents and disclosure of 
which is incorporated by reference as if fuilly set forth 
herein, expeditiously effect any necessary changes as 30 
required based on the real-time information provided. For 
example, depending upon current network traffic conditions, 
the customer may reallocate his resources by redirecting 
calls to a special service call number to different locations, 
e.g., where other operators of the subscriber are located. 

FIG. 6 depicts the physical architecture of the RTM 
system 600. As shown in FIG. 6, the RTM system's real- 
time monitoring capability is enabled by the Intranet Traffic 
View system ("TVS"), depicted as dotted line 500 such as 



for later delivery. The NIC 503 receives all calls from all 
switches as soon as possible after a call has disconnected 
(hangs up) and distributes records to clients that match a 
certain criteria. 

A generalized statistics engine (GSE) component 504 
receives all records that are considered to be a toll free 
(800/8xx, etc) call from the NIC and also employs the same 
sequencing of groups of records to ensure that no data is lost. 
Should the GSE be unavailable, the NIC will queue the data 
35 for later delivery. The GSE component 504 further filters 
toll-free calls to only process calls that match a subscriber 
list which is maintained by an order entry OE process on the 
GSE (not shown) that accepts add & delete requests from 



TVS via a messaging interface 507 as shown in FIG. 6. The 

described in commonly owned, co -pending U.S. patent 40 GSE component then formats the CDRs, i.e., enhances the 

application Ser. No. 09/159,404 filed Sep. 24, 1998, entitled call records, from the form as originally provided at the 

INTEGRATED PROXY INERFACE FOR WEB BASED switch, into a normalized form to allow for a common record 

DATA MANAGEMENT REPORTS, the contents and dis- format regardless of the type of switch that created the 

closure of which is incorporated by reference as if fully set record, or the exact call record type. For example, different 

forth herein. As will be described, the TVS system 500 45 network switches generate different call detail records, e.g., 



includes a TVS server 550 invoking processes for monitor- 
ing and storing real-time call detail statistics data. 
Additionally, as shown in FIG. 6, the TVS system is shown 
integrated with the nMCI Interact "StarWRS" web reporting 
system 200 having a web -based client front-end with a 
TCP/IP socket communication infrastructure to enable 
secure customer access to reports comprising call detail 
statistical data. As described in commonly owned, 
co-pending U.S. patent application Ser. No. 09/159,409 filed 
Sep. 24, 1998, entitled PROXY SERVER INTERFACE 
FOR WEB BASED REPORT REQUESTOR TOOL SET, 
the contents and disclosure of which are incorporated by 
reference herein, the nMCI Interact system 200, inter alia, 
provisions customer's with the ability to fulfill all of their 



50 



55 



call detail record, enhanced call detail records, etc., which 
denote differences in toll-free services and features. This 
type of call detail record generated by GSE component is 
herein referred to as a TCR (Translated Call Record). 

Groups of TCRs are sent from the GSE to TVS via 
TCP/IP. When TVS has safely stored that record it sends an 
acknowledgment to the GSE 504 so that the GSE may 
dispose of the group. Should TVS not be available to receive 
data, GSE queues data to be sent later. 

As shown in FIG. 6, in the preferred embodiment, initial 
customer provisioning occurs at either the Corporate Order 
Entry system 223 (CORE) or the StarOE server 285 com- 
ponent of MCI Interact. As shown in FIG. 8, CORE 223 
transmits daily to the TVS server 550 via Network Data 



telecommunications network reporting requirements via a 60 Mover (NDM) files which comprise information about new 



common Web-browser interface. The fulfillment finction 
provided by NMCI Interact and the TVS system 500 
includes report customization, report scheduling and report 
editing functions for customer's unpriced reporting detail 
and statistical data, such as described in greater detail in 
co-pending U.S. patent application Ser. No. 09/159,404, 
filed Sep. 24, 1998. 



reports for TVS to create, and where to send those reports, 
e.g., FAX, E-Mail, or US Mail. In the NMCI Interact 
Traffic View Server 550, a CORE FEED process 523 provi- 
sions reporting order and profiles into a reference database 
551, and sets up scheduled reports to work on the next 
boundary, e.g., hourly, daily reports at midnight the next 
complete day, weekly reports at the end of the next week, 
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monthly reports at the end of the month, etc.. If this report 
requires Call detail records, as opposed to aggregated data, 
a CDR database is selected based on weighted values for the 
existing database. If a request contains a toll-free number 
that has not been provisioned with the GSE, a GSE__OE 
process 524 is invoked to forward the order, e.g., toll-free 
number, from the reference database onto a DEC Message 
Queues "DMQ" 526a. A GSE_OE_SEND process 527 is 
invoked to keep a TCP/IP socket open to the GSE process so 
that the pending order may be forwarded to the GSE 504 via 
a TCP/IP interface. Once the order has been provisioned in 
GSE the GSE may start to collect CDRs based on the 
requested toll-free number. In response, the GSE will invoke 
the GSE_OE_SEND process 527 to send an order response 
to a DMQ 5266, where it will be accessed by the GSE_OE 
process 524. The GSE_OE process 524, in turn, will 
confirm that the number has been provisioned within the 
TVS server and will update the reference database accord- 
ingly by removing the order from a pending order list. 
Invocation of the GSE_OE process and the GSE_OE_ 
SEND process enables tracking of new customer orders, i.e., 
new toll-free network numbers for which CDR data is to be 
collected. 

As further shown in FIGS. 6 and 8, in the preferred 
embodiment, requests to enable Traffic View customers are 
received in real-time from StarOE 285 via TCP/IP. 
Generally, StarOE specifies what general categories of 
reports can be requested for a given nMCI Interact sub- 
scriber. These categories include: 1) reports that only require 
data aggregation; 2) reports that require call detail records to 
be collected; and 3) real-time monitor (RTM) reports. This 
is provisioned into the reference database 551 for future 
verification of requests from the nMCI Interact platform. If 
a request contains a toll-free number that has not been 
provisioned with the GSE, a subscription request is sent to 
the GSE 504 to start collecting Traffic View data pertaining 
to that tollfree number. This request is sent by placing a 
request onto the DMQ queue 553, and the GSE__SEND_ 
OE process 554 then forwards this request to the GSE 504 



10 



map the switch ID (per Network control system) to the 
billing representations of the same switch. 

As further shown in FIG. 7, the unpriced data collection 
process begins with the placement of an order for unpriced 
reporting with the customer's account team. Specifically, the 
account team places the order in real time using an ordering 
system component. In a periodic process, this order infor- 
mation is transmitted to OEHubs 224, e.g., via e-mail which 
later inputs the necessary service and reporting flags to the 
StarOE component 285, via messaging interface 226. The 
OEHubs 224 further adds new customers to the corporate 
order entry (SCOREN) system component 223, which pro- 
vides customer billing hierarchy information used by the 
StarWRS system. The new customer hierarchy information 
15 is extracted by the CORE system 223, and is available for 
pickup by the StarOE server 285 via messaging interface 
227. 

The StarOE server 285 then messages the Traffic View 
Server 550 in real time via TCP/IP that the number has been 
20 added for Unpriced Reporting. The TVS additionally mes- 
sages the GSE component 505 in real time to immediately 
initiate the collection of call detail for that number, as will 
be described in greater detail herein. Due to latency inherent 
in the fulfillment process, customers may select and receive 
daily reports after CDR collection begins. 

In accordance with the invention, a wide variety of reports 
and reporting frequencies are available. In the preferred 
embodiment, reports are available in hourly, daily, weekly, 
and monthly frequencies. Types of TVS reports that are 
available to customers include: Standard reports; Summary 
reports; Termination Reports; Exception reports; and, 
unpriced call detail. For example, Standard reports that may 
be generated from stored Toll Free hourly statistics include, 
but are not limited to: Summary by Toll Free Number and 
Hour which is available in the following frequencies (Ad- 
hoc "A",Daily "D", Weekly "W", and Monthly "M")i Sum- 
mary by Toll Free Number and Date(A,D,W,M); Summary 
by Toll Free Number and day of week ("DOW") (A,W,M); 
Summary by Toll Free Number and Week (A,M); Summary 



25 



30 



35 



via a TCP/IP interface. In the preferred embodiment, the 40 by Toll Free Number and NPA (A,D,W,M); Summary by 



content and format of an "order entry" message generated by 
the TVS server for requesting unpriced traffic data from the 
GSE is provided in Appendix A. In accordance with this 
messaging, the GSE selects all TCR's for TVS enabled 
customers and places them in a SAVE storage queue, e.g., 
Versant or Talarian, for subsequent distribution to the TVS 
server. 

As further shown in FIG. 6, an input feed from the calling 
area database component 508 ("CADB") provides the TVS 
server 550 with reference data including state and country 
information for mapping NPA/NXX (Numbering Plan Area/ 
Number Exchange) to city name and state code, and, for 
mapping country codes to country names. Data is trans- 
ported from the CADB database 508 to the TVS server via 
a network data mover ("NDM") or FTP via interface 519. 

A further input feed from the Global Information Reposi- 
tory "GIR" component 511 provides the TVS server with 
International toll-free number terminations on a periodic 
basis. 

From the circuit order management system ("COMS") 
component 515, TVS receives three NDM feeds: 1) a Trunk 
Type Master feed 516 used in Un-priced Reporting to map 
enhanced voice service/dedicated access line (EVS/DAL) 
information to specific service locations; 2) an automatic 
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60 



Toll Free Number, Service Location and Hour(A,D,W,M); 
Summary by Toll Free Number, Service Location and Date 
(A,D,W,M); Summary by Toll Free Number, Service Loca- 
tion and DOW (A,W,M); Summary by Toll Free Number, 
Service Location and Week (A,M); Summary by Service 
Location and Hour (A,D,W,M); Summary by Service Loca- 
tion and Date (A,D,W,M); Summary by Service Location 
and DOW (A,W,M); Summary by Service Location and 
Week (A,M); Summary by Service Location, Toll Free 
Number and Hour (A,D,W,M); Summary by Service 
Location, Toll Free Number and Date(A,D,W,M); Summary 
by Service Location, Toll Free Number and DOW (A,W,M); 
Summary by Service Location, Toll Free Number and Week 
(A,M). The Toll Free Summary Reports generally comprise 
three sections: Summary, Incomplete Call Analysis, and 
Network Customer Blocked Analysis (other category 
breakdown). The Termination Summaries include three 
types of termination reports: Toll Free by Location, i.e., 
showing termination summary and incomplete call analysis 
by service location for a specific Toll Free number; By 
Location, i.e., by service location across all Toll Free num- 
bers terminating to the same service location; and, Location 
by Toll Free, i.e., for a specific service location, shows each 
Toll Free number terminating to this location. The originat- 



number identification ("ANI") feed 517 also used in 65 ing NPA/Country Code summary reports provide informa- 
Unpriced Reporting to map EVS/DAL information to spe- tion by NPA and Country for each Toll Free number attached 
cific service locations; and, 3) a switch mapping feed 518 to to the report. 
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Additionally available are what are called Call Detail 
Exception Reports/images which provide reporting informa- 
tion pertaining to the following: Completion Rate and Retry 
(A,D,W,M); Completion Rate and Retry with Queue Aban- 
donment (A,D,W,M); Lost Caller and Retry (A,D,M); Lost 
Caller and Retry with Queue Abandonment (A,D;M); Most 
Frequent Calling Numbers (A,D,W,M); Most Frequent Call- 
ing NPA/NXX (A,D,W,M); Most Frequent Calling Country 
(A,D,W,M). 

The nMCI Interact Exception reports (images) includes: 
Completion Rate and Retry (A,D,W,M); Completion Rate 
and Retry with Queue Abandonment (A,D,W,M); Lost 
Caller and Retry (A,D,M); Lost Caller and Retry with Queue 
Abandonment (A,D,M); Most Frequent Calling Numbers 



ated with its destination database CDR Database 561a, 
5616, . . . ,561/t. For instance, via a TCR Poster process 
555a, records destined for CDR database 561a are for- 
warded from the DMQ Queue 554a. Particularly, each CDR 
5 poster process 555a, 555£>, . . . ,555« reads data from it's 
corresponding DMQ Queue and formats & stores those 
records in their database. 

With further regard to the stats counter 570 shown in FIG. 
9, TCRs are rolled up into statistics records. Specifically, the 
10 stats counter 570 keeps counts of the following: summary 
information about each toll free number for an hour; sum- 
mary information about each toll free number and termina- 
tion for an hour; and, summary information about each toll 
free number and origination NPA for an hour. These statis- 



(A,D,W,M); Most Frequent Calling NPA/NXX (A,D,W,M); 15 tics are kept in memory for a pre -determined amount of 



and, Most Frequent Calling Country (A,D,W,M). The nMCI 
Interact Exception reports (data) includes: Call Detail by 
Originating ANI (A,D,W,M); Call Detail by ID Code (A,D, 
W,M); Call Detail by NCR Indicator (A,D,W,M); Call Detail 
by Originating State (A,D,W,M); Call Detail by Disposition 20 
(A,D,W,M); Call Detail by Service Location (A,D,W,M); 
Payphone Summary (A,M). Downloadable nMCI interact 
Call Detail reports includes Traffic view call detail (available 
as adhoc and daily) and Outbound traffic view call detail 
data (available as ad-hoc, daily and weekly). 

As mentioned, via TCP/IP messaging, the TVS system 
550 receives a request in real-time from the rIMCI Interact 
StarOE component 285 to begin collecting call detail 
records for a particular TVS/Unpriced reporting customer, 



time, e.g., one hour. As matching records come in, statistics 
are updated. At the end of the time period, these records are 
written to the statistics database 571, and particularly high 
speed electronic data drives. 

The statistics that are gathered for each subscriber's 
toll-free number in the TVS system of the invention include: 
total completions, total call duration, total attempts, total 
switch control call, total Network Control System (NCS) 
blocked, total NCS rejected, total network blocked (all 
25 routes busy), total supp code blocked, and out-of-band 
blocked. The summary table processing algorithm in Appen- 
dix B details the collection of these statistics by the GSE and 
the TVS summary table processing. 

Additionally, statistics gathered for NP table processing 



which number had been previously assigned during the 30 include: originating NPA, total attempts per NPA, total calls 



completed (tec) per NPA, total call not delivered (blocked) 
per NPA, total attempts for International Originations, tec 
for International Originations ("IO"), total calls not deliv- 
ered (blocked) for IO. 

Additionally, call statistics for terminations include: ter- 
mination type, termination address, total completions, total 
call duration, and call dispositions indicating the cause of an 
incomplete call including: total short calls, total didn't write, 
and total didn't answer. The termination table processing 



order entry process. When a customer discontinues 
Unpriced Reporting for a number, this information is entered 
in StarOE tables where it is stored for a predetermined 
period subsequent to termination of the number. After the 
predetermined period of time, e.g., seven days, the numbers 35 
scheduled for service deletion are passed to TVS via TCP/IP 
connectivity in real time. After receiving this information, 
TVS instructs the GSE 504 in real time to stop collecting 
CDRs for these numbers. 

FIG. 9 illustrates a generalized block diagram detailing 40 algorithm in Appendix B details the collection of these 
the internal TVS data acquisition processes. As shown in statistics by the GSE for the TVS termination table process- 
FIG. 9, a TVS server "GSE_TCR_RCVR" process 564 ing. 

receives a group of TCR records from the GSE component Referring back to FIG. 6, the RTM system 600 of the 
504. The GSE_TCR_RCVR process 564 inserts that group invention enables customers to view in real time, their call 
into a DMQ (DecMessageQueue) queue 553a that provides 45 detail statistics, over the Internet via TCP/IP connections 
a guaranteed message delivery. Upon successful storing of a 292 and 294 in real-time, via the nMCI Interacts web-based 
record into the DMQ queue 553a, the GSE_TCR_RCVR front-end and middle-tier infrastructure. As shown, cus- 
process 564 sends an acknowledgment to the GSE compo- tomer requests are entered by the customer 100 via an RTM 
nent 504 so that it may delete that group. If TVS fails to graphic user interface and communicated over secure TCP/ 
acknowledge this group after a predetermined timeframe, so IP socket connections for input over the firewall 250 to at 



the GSE continues to resend this group until an acknowl- 
edgment is received. The TCR_DISTRIB process 566 reads 
groupings of records and distributes a record based on the 
toll-free number associated with that record in the following 
manner: 

First, as the reference database 551 contains information 
on which toll-free number belongs in which CDR database 
associated with the TVS server, records are grouped for each 
CDR database 561a ,561b, . . . ,561/2, to which they belong. 
The reference database 551 additionally flags which num- 
bers are to have statistics collected for them. Thus, an 
additional group of records is created and may be routed to 
a DMQ Queue 553b which inputs these records into a 
statistics "stats'* counter process 570 for statistics 
processing, as will be described in greater detail herein. 
When all the records in the group have been read, each group 
is written to it's DMQ queue 554a ,5546, . . . ,554« associ- 



least one secure server, e.g., a DMZ RTM Web Server 52 
(FIG. 2) that provides for authentication, validation, and 
session management in the manner as described in 
co-pending U.S. patent application Ser. No. 09/159,408, 
55 filed Sep. 24, 1998 entitled AUTHENTICATION AND 
ENTITLEMENTS FOR USERS OF WEB BASED DATA 
MANAGEMENT PROGRAMS, the contents and disclo- 
sure of which is incorporated by reference as if fuilly set 
forth herein. Particularly, the RTM server 52 communicates 
60 with the Dispatch server 26 to perform an authentication 
check comprising a look-up based on the logon user name 
and the session ID, i.e., cookie, before enabling real-time 
monitoring functionality. 

As shown in the process flow diagram of FIG. 10(a), a 
65 customer first establishes communication with the DMZ 
Web server at step 302 and logs on to the nMCI Interact 
reporting system by entering the user's name and password 
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onto a logon dialog box, as indicated at step 305. Having 
accessed the web page and logged in, a user Common Object 
is created. As indicated at step 307, an application running 
on the backplane directs a "Validate User Message" to the 
StarOE server 280 via the web server (FIG. 6) to direct the 
StarOE server 280 to perform security validation and 
authenticate the user ID and password in the manner as 
described in co-pending U.S. patent application Ser. No. 
09/159,408 filed Sep. 24, 1998, the contents and disclosure 
of which is incorporated by reference herein. It is understood 
that all communication to the StarOE server is via TCP/IP 
with a Unix process listening on a known TCP port. All data 
and security information is accessed by direct queries to a 
StarOE server database 283, such as provided by Informix. 

Once the customer is validated, at step 308a, 6, the back- 
plane objects request a list of all the authorized applications 
from the StarOE server, as indicated at step 310. Particularly, 
as described in co-pending U.S. patent application Ser. No. 
09/159,515 filed Sep. 24, 1998, the contents and disclosure 
of which is incorporated by reference herein, a "Get User 
Application Request" message is communicated to the 
StarOE server via the backplane which queries the Informix 
database to obtain a list of authorized applications, i.e., 
services, for the user and which determines which buttons on 
the home page are active, thus controlling their access to 
products. At steps 312 and 314 respectively, a networkMCI 
Interact applet is downloaded to the customers Web Browser 
via the established TCP/IP connection, and the browser 
presents the customer with the networkMCI Interact system 
home page, such as the exemplary home page 80 shown in 
FIG. 4. It should be understood that in the preferred 
embodiment, the icons for applications the user has security 
access to are shown bolded. Thus, it should be understood 
that if the customer subscribes to Real Time Monitor, a 
Traffic Monitor icon is automatically enabled when the 
home page appears. 

Referring back to FIG. 10(a), at step 314, the customer 
selects the Traffic Monitor application from the home page 
by clicking on a Traffic Monitor icon 96 (FIG. 4) after 
StarOE validates the user's id and password in the manner 
as described in co -pending U.S. patent application Ser. No. 
09/159,404, filed Sep. 24, 1998. 

Referring back to FIG. 10(6), preferably, in response to 
selecting the RTM function, at step 321, a hot link connec- 
tion to the TVS CGI/HTML implementation of RTM is 
made to initiate a second security/authentication process and 
verify the Unpriced data RTM products for which the 
customer is provisioned. With more particularity, the user 
connects to the RTM URL and checks the RTM Web Server 
implementing an HTTP Post method. In response, the RTM 
Web Server generates a cookie and implements the RTM 
Web Server common gateway interface protocol ("CGI") to 
send a validation request to TVS via TCP/IP with the cookie. 
TVS server 550 validates the logon request provided in the 
Traffic View server and confirms the customer is enabled for 
RTM, as indicated at step 329. The TVS server stores user 
information with the cookie, and returns the validation 
information to the Web Server. Next, via CGI, an HTML 
page is sent to the user as indicated at step 331 presenting the 
user with an RTM screen and menu options, as indicated at 
step 335, thus allowing customer access to all RTM func- 
tionality which that user is entitled. As will be explained, this 
functionality includes interaction with the RTM application 
to formulate and transmit requests and receive the results. 
For example, the user may select the toll-free numbers to be 
tracked, enter a polling period, and define the call detail 
statistics desired. 
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Particularly, selection of the traffic monitor icon enables 
display of the traffic monitor profile list page 600, shown in 
FIG. 12(a), which presents a list of the user-defined profiles 
602 for which real time monitoring functions 603 may be 
invoked. Particularly, from the web page 600, a user may 
activate a real time monitoring function by selecting an 
activate button 604, edit an existing RTM profile by select- 
ing button 606, or delete an existing RTM profile by 
selecting button 608. Additionally, a user may create a new 
RTM profile for a new toll-free number, by selecting an add 
profile button 610. 

Upon selection of the add profile button 610, a new dialog 
window 620, such as the example window shown in FIG. 
12(b), is presented which may allow a customer to enter 
desired RTM profile parameters for a selected toll-free 
(inbound) number 6256 including: a profile name 622, a 
time zone 624, and, a polling interval 626, which specifies 
the time interval in which statistics data is to be gathered by 
the GSE and which, in the preferred embodiment, may be 
down to a one (1) minute interval. Particularly, a customer 
may be presented with a list of available numbers 625a from 
which a number may be selected for profile generation. 

It should be understood that a profile selected from the 
profile list page 600 (FIG. 12(a), may be edited upon 
selection of a profile edit button 606. An edit profile page 
will be presented to the customer that is similar to the add 
profile page 620 (FIG. 12(b)). Thus, from the dialog shown 
in FIG. 12(b), the profile parameters of an existing RTM 
profile for a particular number, may be modified. 

Referring back to FIG. 12(a), upon selection of the 
activate button 604 for a selected profile, an active profile 
web page 630 will be displayed, such as shown in FIG. 
12(c), which presents the real-time summary data for the 
selected toll free number/profile. As shown in FIG. 12(c), the 
active profile web page 630 is broken down into three 
sections: a first section 632 displaying profile summary data 
for the selected toll-free number including call attempts, call 
completes, call incompletes, blocked, NCR, average dura- 
tion and total duration; a second section 634 displaying a 
summary breakdown of the call incompletes for the selected 
profile including busy, (all trunks busy) ATB, short calls, 
didn't waits, or didn't answers; and, a third, section 636 
displaying other summary data not presented in the first two 
sections such as network congestion, ID codes, payphone 
blocked, etc. It is from this screen that a customer may view 
real-time information pertaining to their toll-free network 
usage, and make informed business decisions regarding 
call-routing plans. 

As further shown in FIG, 12(c), the customer may select 
a start time button 640 enabling selection of a specific time 
for which real-time traffic statistics are to be gathered for 
presentation to the customer. Thus, upon selection of the 
start time button 640, a set start time web page 650 will be 
displayed, such as shown in FIG. 12(d), which enables 
specification of a start date from a dropdown menu 652, and 
specification of a start time from a drop-down menu 654. 

Likewise, as further shown in FIG, 12(c), the customer 
may select a polling interval specifying the time interval at 
which the summary data displayed on the active profile web 
page may be updated. Thus, upon selection of the start time 
button 642, a set polling interval page 660 will be displayed, 
such as shown in FIG. 12(e), enabling selection of a polling 
interval, e.g., in minutes, from a drop-down menu 662, for 
which real-time, statistical network traffic data is to be 
refreshed for display on the active profile page 630 (FIG. 
12(c)). 

Furthermore, as shown in the active profile page display 
of FIG. 12(c), the customer may select an Inquiry button 644 
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enabling a display of selected RTM call disposition param- 
eters for the current selected RTM profile. Thus, upon 
selection of the inquiry button 644, an inquiry request page 
670 will be displayed, such as shown in FIG. 12(f), enabling 
further inquiry selection/and or modification of RTM param- 
eters for the selected profile 602 including: the inbound 
telephone number, start date, end date, report size limit, time 
zone, start time and end time. Additionally, further call 
disposition parameters 672 may be inquired into for display 
in the active profile page of FIG. 12(c) including: call 
answered, supp code blocked, switch control blocked, dialed 
number failure, ring no answer, out of band blocked, net- 
work blocked, range privilege failure, didn't wait, (network 
control system) NCS reject, busy, payphone blocked, didn't 
answer, NCS blocked, and all trunks busy. Particularly, upon 
selection of the submit button 674 of display 670, an inquiry 
results page 680 will be presented, such as shown in FIG. 
12(g), which displays the collected raw real-time call detail 
statistic data 685 in display line format 685 for the selected 
RTM profile. 

As further shown in FIG. 12(g), the customer may select 
a CDR detail link 687 to invoke a display 690 showing the 
details of a specific call detail record, such as the example 
display 690 shown in FIG. 12(h). Likewise, the customer 
may select an enhanced voice services (EVS) detail link 689 
to invoke a display 695 presenting the selected EVS details, 
such as shown in the example EVS detail data display 690 
shown in FIG. 12(i). 

Referring back to FIG. 10(6), from the profile list page 
600, the customer is enabled to select or modify his/her 
predefined RTM use profile, as indicated at step 340, FIG. 
10(b), Thus, as mentioned, the customer may create or edit 
their user profile, for example, by entering selection criteria 
such as: 800/8xx or Vnet number to report, a polling 
interval, and time zone. The user may also delete a user 
profile. The entered selection criteria may be saved by the 
subscriber as a new user profile for storage in TVS server 
Level_oL_use tables (not shown), as indicated at steps 344 
and 345, or submitted directly to the TVS server, as indi- 
cated at steps 349 and 350. It should be understood that all 
TVS RTM functionality as described in co-pending U.S. 
patent application Ser. No. 08/587,381 filed Jan. 17, 1996, 
entitled SYSTEM ^ND METHOD THEREFOR OF VIEW- 
ING IN REAL TIME CALL TRAFFIC OF A TELECOM- 
MUNICATIONS NETWORK, the contents and disclosure 
of which is incorporated by reference as if fully set forth 
herein, may be available to the customer. 

If, at step 340, the subscriber has selected a previously 
defined use profile, as indicated at step 347, the subscriber 
may modify the profile, i.e., 800/8xx or VNET number to 
report, start time, polling interval, and call disposition 
statistics, as indicated at step 348, and submit it directly to 
the TVS server, as indicated at steps 349 and 350 (FIG. 
10(c)). 

At this point, the user can interact with the RTM appli- 
cation to formulate a request, transmit it and receive the 
results according to the userselected toll-free number(s) to 
be tracked, polling period and defined statistics desired. 

Briefly, after receiving the request, at step 352, FIG. 10(c), 
the TVS formulates a query and submits the query to the call 
detail database which is the repository of all call detail 
records for the particular number selected. The TVS server 
selects the call detail data in accordance with the user profile 
or selection at step 354, and passes the data to the RTM Web 
Server which formats the data into an HTML table, as 
indicated at step 356. This HTML table is sent to the user's 
browser at step 358 and the process continues at step 359 for 
each successive polling interval until the user terminates the 
request. 
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As mentioned, the networkMCI Interact Real-time Traffic 
Monitor provides a customer with a real-time summary 
display of calls made to their toll-free numbers. This infor- 
mation is displayed on the Active Profile page 630 such as 

S shown in FIG. 12(c), which may be automatically refreshed 
at a specified polling interval of, e.g., 1 to 30 minutes. This 
value is selectable by the user upon profile creation. The 
information on the Active Profile page is refreshed at this 
interval by the user's browser (a "client information on the 

10 Active Profile page is refreshed at this interval by the user's 
browser (a "client pull" operation). This happens automati- 
cally because the Active Profile page contains an HTML 
Refresh meta tag which tells the user's browser software to 
redisplay the current page after the indicated number of 

15 seconds has passed. 

FIG. 11 is an illustration depicting the nMCI Interact 
RTM polling and refresh process. As shown in FIG. 11, the 
RTM system supports an HTML form "Post" or automatic 
refresh, to an active server page script. Thus, a Web page 

20 providing real-time call detail data has a user-selectable 
timeout interval, e.g., one minute or greater, at which point 
the Web browser 100 will re-post a request for data (HTTP 
Post). The Post request is received by an Internet Informa- 
tion (web) Server ("IIS") process 490 in the RTM server 52 

25 that executes an active server page (".asp") script. This asp 
script calls a DLL polling routine 493 via a communications 
(COM) interface. This polling DLL is a Visual C++ appli- 
cation running in the RTM Web server 52. Upon receipt of 
the timeout request, the DLL calls the TVS server 550 for 

30 real-time call detail data retrieval via TCP/IP messaging. 
Particularly, the call detail request is received by a RTM data 
retrieval process 495 executing in the TVS server 500. Then, 
the real time data for each phone number (e.g., 800/8xx or 
VNET) is retrieved from the call detail database 498, which 

35 is the repository of real-time call detail data. The retrieved 
real time data is returned to the polling DLL process 493 and 
the current RTM output is formatted by the polling DLL and 
printed to the HTML page. The HTML page with the 
script-embedded HTML is then communicated back to the 

40 Web Browser 100 via the IIS process 490. 

In the preferred embodiment, the RTM server application 
dynamically adjusts the number of seconds appearing in the 
meta tag of the summary display page, which feature allows 
the user's display to stay in sync with their selected polling 

45 interval regardless of how long the polling operation took 
for the last poll. When the user's browser requests a refresh, 
the data-retrieval software on the RTM web server 52 starts 
a timer. When the data-retrieval software has obtained the 
data necessary to lay out the next Active Profile page, it stops 

50 the timer. The page is then laid out with a Refresh meta tag 
containing a value of the polling interval less the amount of 
time, e.g., seconds, the data-retrieval process took. Finally, 
the page is sent back to the user's browser. For example, if 
the current profile has a 1 minute polling interval and the 

55 dataretrieval process took 3 seconds, then the next refresh 
will begin in 1 minute minus 3 seconds, or 57 seconds. 
During the next refresh, the data-retrieval process may take 
5 seconds, in which case the next refresh will begin in 55 
seconds. Without the dynamic refresh functionality, if the 

60 refresh rate were left at the full polling interval each time, 
the polling would drift forward in time. 

In view of the foregoing, a subscriber via a client work- 
station running a Web browser can monitor in real time, or, 
in addition, using the RTM system, has the ability to monitor 

65 in substantially real time, the operation of the network as it 
relates to the calls directed to that subscriber's special 
service call numbers). For example, the subscriber may see 
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in real time how many calls are being attempted minute by 
minute, how many calls are being allowed through the 
network, how many calls are incompletes, how many calls 
are blocked, etc. This ability to monitor the operation of the 
network gives the subscriber the ability to decide in real time 
the specific actions that need to be taken. For instance, if 
there is an abnormal number of incompletes for a given 
period, the subscriber can look at the specific call records 
that made up those incomplete calls. In the manner described 
in co-pending U.S. patent application Ser. No. 09/159,702, 
filed Sep. 24, 1998, the subscriber may then request the 
management of the network to restructure the network so as 
to reroute the incoming calls of the subscriber to different 
locations where they may better be handled. 

The foregoing merely illustrates the principles of the 
present invention. Those skilled in the art will be able to 
devise various modifications, which although not explicitly 
described or shown herein, embody the principles of the 
invention and are thus within its spirit and scope. 

APPENDIX A 



Field 



Size Type 



Range 



Length of 

Message 

Message 

Type 

Sequence 

Number 



Message 
Type 



Message 

Type 

Version 

Number 

TV Order 

Entry 

Request ID 
Monitored 
Number 
Type 



Monitored 
Number 
Digits 
Corp ID 

8XX Call 

Detail 

Service 

Indicator 

8XX Totals 

Statistics 

Service 

8XX 

Originating 
NPA Service 
8XX 

Originating 

Country 

Code 

Service 

8XX 

Termination 

Service 

8XX 

Statistics 

Destination 



Bytes Unsigned 
Binary 

Byte Unsigned 
Binary 

Bytes Unsigned 
Binary 



The length of the message not in- 
cluding this field. 
1 - TV Order Entry Request 

When this header prefaces a data 
message, 0-4,294,967,295 with 

0 - Reset. When this header serves 
as message delivery confirmation, 
set to the sequence number of the 
data message being "acked." 

1 = Data, 2 = Delivery Ack. 



4 Bytes Unsigned 
Binary 

Order Entry Messages Sent From TVS to GSE 



1 



Byte Unsigned 
Binary 

Bytes Unsigned 
Binary 

Bytes Unsigned 
Binary 

Byte Unsigned 
Binary 



25 Bytes ASCII 



4 Bytes Unsigned 
Binary 

1 Byte Unsigned 
Binary 



1 Byte Unsigned 
Binary 

1 Byte Unsigned 
Binary 

1 Byte Unsigned 
Binary 



1 Byte Unsigned 
Binary 

1 Byte Unsigned 
Binary 



2 - GSE TV Order Entry Response 



961 = Version 96.1 



0-4,294,967,295 



8XX 

VNET DAL 
VNET DDD 
VNET IDDD 
VNET Card 
Remote Access to Vnet 



ASCII representation of up to 25 
digits. Left justified, padded 
with ASCII nulls. 
0-99,999,999 



Turn service off, 
Turn service on 



0 - Turn service off, 

1 - Turn service on 

0 o Turn service off, 

1 ° Turn service on 

0 = Turn service off, 

1 = Turn service on 



= Turn service off, 
= Turn service on 



1-6 - TV Server 1-6 
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APPENDIX A-continued 


Field 


Size Type Range 


s 8XX 


2 Bytes Unsigned 1-1,440 minutes 


Statistics 


Binary 


Collection 




Interval 




VNET Call 


1 Byte Unsigned 0 = Turn service off, 


Detail 


Binary 1 «■ Turn service on 


10 Service 




Indicator 





What is claimed is: 

1. A Web/Internet based monitoring system for obtaining 
15 and communicating real-time telecommunication network 

traffic information relating to a customer's telecommunica- 
tions network to a customer via an integrated interface, said 
system comprising: 

a client browser application located at a client workstation 
20 for enabling interactive Web based communications 
with said monitoring system, said client workstation 
identified with a customer and providing said integrated 
interface; 

at least one secure server for managing client sessions 
25 over the Internet, said secure server supporting one or 
more secure socket connections enabling encrypted 
communication between said browser application cli- 
ent and said secure server; 
a device for generating statistical data based on real-time 
30 call data obtained from a telecommunications network, 
said statistical data being generated according to a 
pre-defined user profile; 
a retrieval device for periodically retrieving said statistical 

data according to said user profile; and, 
a mechanism for integrating said retrieved statistical data 
within a Web page for presentation to said customer 
over a secure connection at pre-defined intervals based 
on the pre-defined user profile, said Web page being 
updated to include the latest statistical data each 
40 interval, the mechanism being further configured to 
dynamically adjust the pre-defined intervals. 

2. The monitoring system as claimed in claim 1, wherein 
said device for generating statistical data includes polling 
means for obtaining said real-time call data from said 

45 telecommunications network, said user profile including a 
specification of polling interval. 

3. The monitoring system as claimed in claim 2, wherein 
said user profile further includes the specification of one or 
more telecommunications network numbers for which sta- 

50 tistical data are to be generated. 

4. The monitoring system as claimed in claim 2, wherein 
said user profile further includes the specification of types of 
call detail statistics to be generated for a specified telephone 
number. 

55 5. The monitoring system as claimed in claim 4, wherein 
said type of telecommunications network includes a cus- 
tomer's toll free network. 

6. The monitoring system as claimed in claim 4, wherein 
said retrieval device for periodically retrieving said statisti- 

60 cal data includes a script mechanism for initiating update of 
said web page with the most recent statistical data. 

7. The system of claim 1 wherein said customer alters one 
or more network configurations based on said retrieved 
statistical data. 

65 8. The system of claim 7 wherein said customer reallo- 
cates one or more network resources based on said retrieved 
statistical data. 
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9. A method for monitoring telecommunications network 
traffic in real-time and presenting corresponding telecom- 
munications network traffic data to a client workstation via 
a Web/lnternet-based integrated interface, said method com- 
prising: 

enabling interactive Web based communications between 
said client workstation identified with a customer and 
one or more secure servers over a secure communica- 
tions link, said one or more web servers forwarding 
Web pages over said secure communications link; 

generating statistical data based on real-time call data 
obtained from a telecommunications network, said 
statistical data being generated according to a pre- 
defined user profile; 

periodically retrieving said statistical data according to 
said user profile; 

integrating said retrieved statistical data within a Web 
page for presentation to said customer over said secure 
communications link at pre-defined intervals based on 
the pre-defined user profile, the pre-defined intervals 
being dynamically adjusted to prevent drifting of the 
intervals; and, updating said Web page to include the 
latest retrieved statistical data each interval. 

10. The method as claimed in claim 9, wherein said step 
of generating statistical data includes polling said telecom- 
munications network to obtain said real-time call data 
therefrom, said method further comprising the step of speci- 
fying a polling interval for said user profile. 
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11. The method as claimed in claim 10, further comprising 
the step of specifying one or more telecommunications 
network phone numbers for said user profile, said statistical 
data to be generated corresponding to a specified telecom - 

5 munications network phone number. 

12. The method as claimed in claim 11, further comprising 
the step of specifying types of call detail statistics to be 
generated for a specified telecommunications network 
phone number 

13. The method as claimed in claim 9, wherein said type 
of telecommunications network includes a customer's toll 
free network. 

14. The method as claimed in claim 9, wherein said step 
15 of periodically retrieving said statistical data includes initi- 
ating an update of said Web page with most recent statistical 
data. 

15. The method as claimed in claim 14, wherein said 
initiating step includes invoking a script within said Web 

20 page. 

16. The method of claim 9 further comprising: 
altering one or more network configurations based on said 

retrieved statistical data. 
^ 17. The method of claim 16 wherein the altering includes: 
reallocating one or more network resources based on said 
retrieved statistical data. 

* * * * * 
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